<?php 


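/**
 * Render the upload form, or process a submitted upload.
 *
 * When the request carries a file, the upload is validated (declared MIME
 * type, file extension, size, name collision, required selects), moved into
 * uploadedFiles/ and recorded in `tblfiles`. Otherwise the upload form is
 * echoed. All output is written with echo; nothing is returned.
 *
 * Security notes:
 *  - $_FILES["file"]["name"] and ["type"] are supplied by the client. The name
 *    is reduced to its last path component and its extension is checked
 *    against an allowlist, so the declared MIME type is not the only gate on
 *    what lands in the upload directory.
 *  - Every value placed in SQL is escaped with mysql_real_escape_string().
 *    NOTE(review): the mysql_* extension is obsolete; prepared statements
 *    (PDO/mysqli) are the durable fix once the connection code is migrated.
 *  - Values echoed back into HTML go through htmlspecialchars().
 *  - NOTE(review): uploadedFiles/ should be configured so the web server never
 *    executes its contents; server configuration is not visible from here.
 */
function fileUpload()
{
	$userid = isset($_SESSION['curuser']) ? (string) $_SESSION['curuser'] : '';

	// HTML-escape anything that originates from the request or the database.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
	};

	// Read a POST field as a string; arrays and missing fields fall back to the default.
	$post = function ($key, $default) {
		return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : $default;
	};

	if (isset($_FILES["file"]["type"]) && $_FILES["file"]["type"] != NULL)
	{
		$type  = (string) $_FILES["file"]["type"];
		$size  = (int) $_FILES["file"]["size"];
		$categ = $post("category", "0");      // "0" is the form's "nothing selected" value
		$avail = $post("availability", "0");
		$desc  = $post("desc", "");
		$date_created = date("F j, Y");

		// Keep only the final path component so the client-chosen name cannot
		// point outside uploadedFiles/ (backslashes normalised first).
		$file = basename(str_replace('\\', '/', (string) $_FILES["file"]["name"]));
		$ext  = strtolower(pathinfo($file, PATHINFO_EXTENSION));

		$allowedTypes = array(
			"application/pdf",
			"application/msword",
			"application/powerpoint",
			"application/excel",
			"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
		);
		// The declared MIME type is client-controlled, so the extension is
		// checked as well; this keeps script extensions out of a web-served folder.
		$allowedExts = array("pdf", "doc", "docx", "ppt", "xls");

		if (!in_array($type, $allowedTypes, true) || !in_array($ext, $allowedExts, true))
		{
			// NOTE(review): the message mentions .zip, but no zip type is accepted above.
			echo "<br/>Your file must be of .doc/.docx, .pdf, .zip, .ppt, .xls. Other file types are not allowed<BR>";
		}
		else
		{
			$add = "uploadedFiles/" . $file;

			//File Upload Validation
			if (($size / 1024) > 2560)
			{
				echo "<font color='red'> File Size Not Allowed, it should be 2.5MB or less. </font>";
			}
			else if (file_exists($add))
			{
				echo "<font color='red'> [error!]:  </font>" . $esc($file) . " already exists.";
			}
			else if (($categ == "0") || ($avail == "0"))
			{
				echo "Please select an option on the required fields!";
			}
			else if (!move_uploaded_file($_FILES["file"]["tmp_name"], $add))
			{
				// Do not record a file that never reached the upload directory.
				echo "<font color='red'> [error!]:  </font>The file could not be saved.";
			}
			else
			{
				//Insert into tblfiles
				// file_size keeps the original stored format: the byte count followed by " Kb".
				$sql = sprintf(
					"INSERT INTO `tblfiles`(date_created, category, availability, filename, description, file_size, userid, directory) "
					. "VALUES ('%s', '%s', '%s', '%s', '%s', '%d Kb', '%s', '%s')",
					mysql_real_escape_string($date_created),
					mysql_real_escape_string($categ),
					mysql_real_escape_string($avail),
					mysql_real_escape_string($file),
					mysql_real_escape_string($desc),
					$size,
					mysql_real_escape_string($userid),
					mysql_real_escape_string($add)
				);
				$query = mysql_query($sql);

				if (!$query)
				{
					// Remove the stored file so a failed insert does not leave an
					// untracked upload that blocks a retry with "already exists".
					if (is_file($add))
					{
						unlink($add);
					}
					echo "<font color='red'> [error!]:  </font>The file could not be recorded.";
				}
				else
				{
					echo "Uploading file was successful!";
					echo "Filename: " . $esc($file) . "<br />";
					echo "File-size: " . ($size / 1024) . " Kb<br />";
				}
			}
		}

		echo "<br/><br/><input type='submit' name='blue_button' id='blue_button' value='Upload Another File' onClick=\"location.href='filesharing.php'\"><br/>";
	}
	else
	{
		//upload form here
		echo "
			<link href='css/design.css' rel='stylesheet' type='text/css' />
			<form action='filesharing.php' method='post' enctype='multipart/form-data'>
			<span class='notes'>Note: Fields with (<span class='red'>*</span>) asterisk are required</span>
			<table width='70%' border='0' align='center' cellpadding='2' cellspacing='0'>
  			<tr>
    			<td width='35%' class='right_'>Category:</td>
    			<td width='65%'><select name='category' id='category'>
      				<option value='0'>Select Category</option>
      				<option value='Math'>Mathematics</option>
      				<option value='English'>English</option>
      				<option value='Science'>Science</option>
      				<option value='Makabayan'>Makabayan</option>
					<option value='Makabayan1'>Makabayan1</option>
					<option value='Makabayan2'>Makabayan2</option>
					<option value='Makabayan3'>Makabayan3</option>
					<option value='Makabayan4'>Makabayan4</option>
    			</select><span class='red'>*</span></td>
  			</tr>
  			<tr>
    			<td class='right_'>Availability:</td>
    			<td><select name='availability' id='availability'>
				<option value='0'>Available to</option>";

		// One option per section advised by the current user.
		$get = mysql_query(
			"SELECT  s.sectionid, s.sectionName FROM tblsection s WHERE s.sectionAdviser = '"
			. mysql_real_escape_string($userid)
			. "' and s.studentNumber = 0 and s.studentName = 'none' GROUP BY s.sectionName"
		);
		while ($get && ($row = mysql_fetch_array($get)))
		{
			$section = $esc($row['sectionName']);
			echo "<option value='student, $section'>$section</option>";
		}

		// NOTE(review): MAX_FILE_SIZE below is 2000000 bytes while the server-side
		// limit above is 2560 KB; the hidden field is only a browser hint.
		echo "  <option value='teacher'>Teacher</option> 				
    			</select><span class='red'>*</span></td>
  			</tr>
  			<tr>
    			<td class='right_'>Choose File:</td>
    			<td><input type='hidden' name='MAX_FILE_SIZE' value='2000000' />
    			<input name='file' type='file' size='45' /></td>
  			</tr>
  			<tr>
    			<td class='right_'>Description:</td>
    			<td rowspan='2'><label>
      			<textarea name='desc' id='desc' cols='50' rows='4'></textarea>
    			</label></td>
  			</tr>
  			<tr>
    			<td height='49'>&nbsp;</td>
  			</tr>
  			<tr>
    			<td colspan='2' class='right_'><input type='submit' id='blue_button' value='Upload File' /></td>
  			</tr>
			</table>
	</form>";
	}
}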

//display fileshared on teacher
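/**
 * Echo the current teacher's two file tables: files shared to students
 * (availability LIKE 'student%') and files shared to faculty
 * (availability = 'teacher'), both restricted to rows owned by the session user.
 *
 * Filenames, descriptions and categories in `tblfiles` originate from upload
 * form input, so every database value is HTML-escaped before it is echoed and
 * link parameters are URL-encoded. The session user id is escaped before it
 * is placed in SQL.
 *
 * NOTE(review): $row[0] and $row[4] depend on the column order of
 * `SELECT *`; presumably the file id and the stored file name — confirm
 * against the table definition.
 * NOTE(review): the Delete link is a state-changing GET request without a
 * request token; the handler should require one.
 */
function fileList_t()
{
	$userid = mysql_real_escape_string(isset($_SESSION['curuser']) ? (string) $_SESSION['curuser'] : '');

	// HTML-escape a database value for element or attribute context.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
	};

	// Row counter shared by both tables; it was previously used uninitialised.
	$ctr = 0;
	$openRow = function () use (&$ctr) {
		$ctr++;
		echo ($ctr % 2 == 1) ? "<tr bgcolor='#e5edbe'>" : "<tr bgcolor='#eff3dc'>";
	};

	// Build an escaped href for the download/delete actions of one row.
	$fileUrl = function ($row, $action) use ($esc) {
		return $esc(
			"filesharing.php?FileDir=" . urlencode((string) $row[4])
			. "&FileId=" . urlencode((string) $row[0])
			. "&actionFile=" . $action
		);
	};

	echo "
<table width='100%' border='0' cellpadding='1' cellspacing='0'>
  <tr>
    <td colspan='4'><strong>Files Shared to My Students</strong></td>
  </tr>
  <tr class='title_menu'>
    <td width='17%'>Category/Section</td>
    <td width='51%'>Filename</td>
    <td width='11%'>Size</td>
    <td width='21%'>Created</td>
	<td width='21%'>Action</td>
  </tr>";

	//files shared to students
	$data = mysql_query("SELECT * from `tblfiles` where userid='$userid' AND availability LIKE 'student%'");
	if ($data && mysql_num_rows($data) != 0)
	{
		while ($row = mysql_fetch_array($data))
		{
			$openRow();

			// file_size is stored as "<bytes> Kb"; the cast reads the leading number.
			$sz  = (float) $row['file_size'] / 1024;
			// Drop the leading "student, " (9 characters) to leave the section name.
			$sec = substr((string) $row['availability'], 9);

			echo " <td>" . $esc($row['category']) . "/" . $esc($sec) . "</td>
    <td><a href='" . $fileUrl($row, 'download') . "'>" . $esc($row['filename']) . "</a></td> 
	<td>" . round($sz, 2) . " KB</td>
    <td>" . $esc($row['date_created']) . "</td>
	<td><a href='" . $fileUrl($row, 'delete') . "' onclick=\"return confirm('You sure you want to delete?');\">Delete</a></td>
  </tr>";

			$openRow();
			echo "<td>&nbsp;</td>
    <td><div class='desc'>" . $esc($row['description']) . "</div></td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
	<td>&nbsp;</td>
  </tr>";
		}
	}
	else
	{
		echo
  "<tr>
    <td colspan='4' class='none' align='center'>There are no shared files available for your students!</td>
  </tr>";
	}

	echo "</table>
<br/><br/>
<table width='100%' border='0' cellpadding='1' cellspacing='0'>
  <tr>
    <td colspan='4'><strong>Files Shared to Faculty Members</strong></td>
  </tr>
  <tr class='title_menu'>
    <td width='17%'>Category</td>
    <td width='51%'>Filename</td>
    <td width='11%'>Size</td>
    <td width='21%'>Created</td>
	<td width='21%'>Action</td>
  </tr>";

	//files shared to teachers within same subject
	$data = mysql_query("SELECT * from `tblfiles` where userid='$userid' AND availability='teacher'");
	if ($data && mysql_num_rows($data) != 0)
	{
		while ($row = mysql_fetch_array($data))
		{
			$openRow();
			// This table prints the stored file_size value as-is (no KB conversion).
			echo " <td>" . $esc($row['category']) . "</td>
    <td><a href='" . $fileUrl($row, 'download') . "'>" . $esc($row['filename']) . "</a></td> 
	<td>" . $esc($row['file_size']) . "</td>
    <td>" . $esc($row['date_created']) . "</td>
	<td><a href='" . $fileUrl($row, 'delete') . "' onclick=\"return confirm('You sure you want to delete?');\">Delete</a></td>
  </tr>";

			$openRow();
			echo "<td>&nbsp;</td>
    <td><div class='desc'>" . $esc($row['description']) . "</div></td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>";
		}
	}
	else
	{
		echo
  "<tr>
    <td colspan='4' class='none' align='center'>There are no shared files available for your co-faculty members!</td>
  </tr>";
	}
	echo "</table>";
}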

//display fileshared to student
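/**
 * Echo the file table shown to a student.
 *
 * Rows come from `tblsection` filtered by the session user's id as
 * studentNumber. Every database value is HTML-escaped before it is echoed,
 * link parameters are URL-encoded, and the session user id is escaped before
 * it is placed in SQL.
 *
 * NOTE(review): the query selects from `tblsection`, yet the loop reads
 * file_size, availability, category, filename, description and date_created,
 * which the upload code writes to `tblfiles`. The commented-out join kept
 * below suggests the intended query was never finished — confirm the schema
 * before relying on this listing.
 * NOTE(review): $row[0] and $row[4] depend on the column order of `SELECT *`.
 */
function fileList_s()
{
	$userid = mysql_real_escape_string(isset($_SESSION['curuser']) ? (string) $_SESSION['curuser'] : '');

	// HTML-escape a database value for element or attribute context.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
	};

	// Row counter for the alternating background; previously used uninitialised.
	$ctr = 0;
	$openRow = function () use (&$ctr) {
		$ctr++;
		echo ($ctr % 2 == 1) ? "<tr bgcolor='#e5edbe'>" : "<tr bgcolor='#eff3dc'>";
	};

	echo "
<table width='100%' border='0' cellpadding='1' cellspacing='0'>
  <tr>
    <td colspan='4'><strong>Files Shared to My Students</strong></td>
  </tr>
  <tr class='title_menu'>
    <td width='17%'>Category/Section</td>
    <td width='51%'>Filename</td>
    <td width='11%'>Size</td>
    <td width='21%'>Created</td>
	<td width='21%'>Action</td>
  </tr>";

	//SELECT * FROM `tblsection` s INNER JOIN `tbluser` u WHERE s.sectionName = 'Banana' AND u.userid = '2'
	//files shared to students
	$data = mysql_query("SELECT * FROM `tblsection` WHERE studentNumber != 0 AND studentNumber = '$userid';");
	if ($data && mysql_num_rows($data) != 0)
	{
		while ($row = mysql_fetch_array($data))
		{
			$openRow();

			// The cast reads the leading number of a value such as "<bytes> Kb".
			$sz  = (float) $row['file_size'] / 1024;
			// Drop the leading "student, " (9 characters) to leave the section name.
			$sec = substr((string) $row['availability'], 9);
			$download = $esc(
				"filesharing.php?FileDir=" . urlencode((string) $row[4])
				. "&FileId=" . urlencode((string) $row[0])
				. "&actionFile=download"
			);

			echo " <td>" . $esc($row['category']) . "/" . $esc($sec) . "</td>
    <td><a href='" . $download . "'>" . $esc($row['filename']) . "</a></td> 
	<td>" . round($sz, 2) . " KB</td>
    <td>" . $esc($row['date_created']) . "</td>
  </tr>";

			$openRow();
			echo "<td>&nbsp;</td>
    <td><div class='desc'>" . $esc($row['description']) . "</div></td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
	<td>&nbsp;</td>
  </tr>";
		}
	}
	else
	{
		echo
  "<tr>
    <td colspan='4' class='none' align='center'>There are no shared files available for your students!</td>
  </tr>";
	}
	echo "</table>";
}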

//display fileshared on admin
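/**
 * Echo the administrator's two file tables: every file shared to students
 * (availability LIKE 'student%') and every file shared to faculty
 * (availability = 'teacher'), across all owners.
 *
 * Filenames, descriptions and categories in `tblfiles` originate from upload
 * form input, so every database value is HTML-escaped before it is echoed and
 * link parameters are URL-encoded.
 *
 * NOTE(review): nothing in this function checks that the caller is an
 * administrator; presumably the including page does — verify.
 * NOTE(review): $row[0] and $row[4] depend on the column order of
 * `SELECT *`; presumably the file id and the stored file name — confirm.
 * NOTE(review): the Delete link is a state-changing GET request without a
 * request token, and the delete handler in this file filters on the session
 * user's id, so it may not remove rows owned by other users.
 */
function fileList_a()
{
	// HTML-escape a database value for element or attribute context.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
	};

	// Row counter shared by both tables; it was previously used uninitialised.
	$ctr = 0;
	$openRow = function () use (&$ctr) {
		$ctr++;
		echo ($ctr % 2 == 1) ? "<tr bgcolor='#e5edbe'>" : "<tr bgcolor='#eff3dc'>";
	};

	// Build an escaped href for the download/delete actions of one row.
	$fileUrl = function ($row, $action) use ($esc) {
		return $esc(
			"filesharing.php?FileDir=" . urlencode((string) $row[4])
			. "&FileId=" . urlencode((string) $row[0])
			. "&actionFile=" . $action
		);
	};

	echo "
<table width='100%' border='0' cellpadding='1' cellspacing='0'>
  <tr>
    <td colspan='4'><strong>Files Shared to Students</strong></td>
  </tr>
  <tr class='title_menu'>
    <td width='17%'>Category/Section</td>
    <td width='51%'>Filename</td>
    <td width='11%'>Size</td>
    <td width='21%'>Created</td>
	<td width='21%'>Action</td>
  </tr>";

	//files shared to students
	$data = mysql_query("SELECT * from `tblfiles` WHERE availability LIKE 'student%'");
	if ($data && mysql_num_rows($data) != 0)
	{
		while ($row = mysql_fetch_array($data))
		{
			$openRow();

			// file_size is stored as "<bytes> Kb"; the cast reads the leading number.
			$sz  = (float) $row['file_size'] / 1024;
			// Drop the leading "student, " (9 characters) to leave the section name.
			$sec = substr((string) $row['availability'], 9);

			echo " <td>" . $esc($row['category']) . "/" . $esc($sec) . "</td>
    <td><a href='" . $fileUrl($row, 'download') . "'>" . $esc($row['filename']) . "</a></td> 
	<td>" . round($sz, 2) . " KB</td>
    <td>" . $esc($row['date_created']) . "</td>
	<td><a href='" . $fileUrl($row, 'delete') . "' onclick=\"return confirm('You sure you want to delete?');\">Delete</a></td>
  </tr>";

			$openRow();
			echo "<td>&nbsp;</td>
    <td><div class='desc'>" . $esc($row['description']) . "</div></td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
	<td>&nbsp;</td>
  </tr>";
		}
	}
	else
	{
		echo
  "<tr>
    <td colspan='4' class='none' align='center'>There are no shared files available for your students!</td>
  </tr>";
	}

	echo "</table>
<br/><br/>
<table width='100%' border='0' cellpadding='1' cellspacing='0'>
  <tr>
    <td colspan='4'><strong>Files Shared to Faculty Members</strong></td>
  </tr>
  <tr class='title_menu'>
    <td width='17%'>Category</td>
    <td width='51%'>Filename</td>
    <td width='11%'>Size</td>
    <td width='21%'>Created</td>
	<td width='21%'>Action</td>
  </tr>";

	//files shared to teachers
	$data = mysql_query("SELECT * from `tblfiles` where availability='teacher'");
	if ($data && mysql_num_rows($data) != 0)
	{
		while ($row = mysql_fetch_array($data))
		{
			$openRow();
			// This table prints the stored file_size value as-is (no KB conversion).
			echo " <td>" . $esc($row['category']) . "</td>
    <td><a href='" . $fileUrl($row, 'download') . "'>" . $esc($row['filename']) . "</a></td> 
	<td>" . $esc($row['file_size']) . "</td>
    <td>" . $esc($row['date_created']) . "</td>
	<td><a href='" . $fileUrl($row, 'delete') . "' onclick=\"return confirm('You sure you want to delete?');\">Delete</a></td>
  </tr>";

			$openRow();
			echo "<td>&nbsp;</td>
    <td><div class='desc'>" . $esc($row['description']) . "</div></td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>";
		}
	}
	else
	{
		echo
  "<tr>
    <td colspan='4' class='none' align='center'>There are no shared files available for your co-faculty members!</td>
  </tr>";
	}
	echo "</table>";
}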

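			// Request handler for the delete/download links rendered by the list functions.
			//
			// All three GET parameters are client-controlled:
			//  - FileId is forced to an integer before it reaches SQL.
			//  - FileDir is reduced to its last path component, so the resulting
			//    path always stays directly inside uploadedFiles/.
			// NOTE(review): both actions are triggered by plain GET requests with no
			// request token; delete in particular should require one.
			$FileId = (isset($_GET["FileId"]) && is_string($_GET["FileId"])) ? (int) $_GET["FileId"] : 0;
			$requestedName = (isset($_GET["FileDir"]) && is_string($_GET["FileDir"]))
				? basename(str_replace('\\', '/', $_GET["FileDir"]))
				: '';
			$FileDir = "uploadedFiles/" . $requestedName;
			$actionFile = (isset($_GET["actionFile"]) && is_string($_GET["actionFile"])) ? $_GET["actionFile"] : '';
			$userid = isset($_SESSION['curuser']) ? $_SESSION['curuser'] : '';
			if($actionFile == "delete")
			{
				include('../controller/functions.php');
				User::connection();

				// The original query used userid unquoted, so it is numeric; cast it for SQL.
				$ownerId = (int) $userid;

				// Resolve the file to remove from the row the session user owns, rather
				// than from the request: a successful DELETE that matches no row must
				// not lead to removing a file named in the URL.
				$lookup = mysql_query("SELECT directory FROM tblfiles WHERE fileid=$FileId AND userid=$ownerId");
				$owned  = $lookup ? mysql_fetch_assoc($lookup) : false;

				if ($owned)
				{
					$del = mysql_query("DELETE FROM tblfiles WHERE fileid=$FileId AND userid=$ownerId");
					if (!$del)
					{
						// Keep database error details in the server log, not in the response.
						error_log("filesharing delete failed: " . mysql_error());
						die("Ayaw!");
					}

					if (mysql_affected_rows() > 0)
					{
						$storedPath = "uploadedFiles/" . basename(str_replace('\\', '/', (string) $owned['directory']));
						if (is_file($storedPath))
						{
							unlink($storedPath);
						}
						echo "<script language='javascript'>
				alert('File has been successfully deleted!')
				</script>";
					}
				}
			}

			else if($actionFile == "download")
			{
				// NOTE(review): no per-user authorization is applied here; any file in
				// uploadedFiles/ can be requested by name. Confirm whether the including
				// page restricts access, or look the file up by id and availability first.
				// is_file() (not file_exists()) so an empty name cannot select the directory.
				if (is_file($FileDir))
				{
					$downloadName = str_replace(array('"', "\r", "\n"), '', basename($FileDir));

					header('Content-Description: File Transfer');
					header('Content-Type: application/octet-stream');
					header('Content-Disposition: attachment; filename="' . $downloadName . '"');
					header('Content-Transfer-Encoding: binary');
					header('Expires: 0');
					header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
					header('Pragma: public');
					header('Content-Length: ' . filesize($FileDir));
					// Discard buffered page output only when a buffer is actually active.
					if (ob_get_level() > 0)
					{
						ob_clean();
					}
					flush();
					readfile($FileDir);
					exit;
				}

			}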


?>